aspose file tools*
The moose likes Tomcat and the fly likes SSL Cert Error - Mismatched Address Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Products » Tomcat
Bookmark "SSL Cert Error - Mismatched Address" Watch "SSL Cert Error - Mismatched Address" New topic
Author

SSL Cert Error - Mismatched Address

Ed James
Greenhorn

Joined: Feb 10, 2010
Posts: 7
Hi all,

I have just setup a new Tomcat installation and created a keystore, created a CSR, created the Cert (using our internal CA), imported the root cert into the keystore and then the site cert into the keystore (alias www.somesite.ourdomain.ca). Looks like I've created everything correctly - no errors during any of these steps. However, when I load the site, I get "Certificate Error: Mismatched Address". I thought that I just needed to add a Host name entry into the server.xml conf file to include www.somesite.ourdomain.ca but I'm missing something. Can someone help me with this? What am I overlooking? As you can tell, I'm new to Tomcat :-)

Thanks
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 16012
    
  19

If this is the message I think it is, the hostname on the SSL cert doesn't match the hostname that you're serving it from.


Customer surveys are for companies who didn't pay proper attention to begin with.
Ben Souther
Sheriff

Joined: Dec 11, 2004
Posts: 13410

When you generate your cert request with the Java keytool it asks you a series of questions.
One of them is your first and last name (which is misleading).
What it really wants there is the domain name. If that doesn't match the domain of your server you will get this message.

For instance, if you were generating a key for www.acme.com your keytool session would look like:


Java API J2EE API Servlet Spec JSP Spec How to ask a question... Simple Servlet Examples jsonf
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: SSL Cert Error - Mismatched Address